Log in

My Account
Calendar of Events
Support
WiseCourses.com

My Account
Calendar of Events
Support
WiseCourses.com

Category: Vulnerabilities

Erlang/OTP

Erlang/OTP SSH Vulnerability: A Widespread Threat to OT Networks

August 15, 2025 (updated November 8, 2025) Published by Kevin Harrys

A critical SSH vulnerability in Erlang/OTP (CVE-2025-32433), discovered by Ruhr University Bochum, has been rapidly exploited in OT networks across multiple industries and countries, prompting urgent patching and security measures to prevent remote code execution and operational disruptions.

Category: Vulnerabilities

Tags: Erlang/OTP

Hackers use Windows RID hijacking to create hidden admin account

Hackers use Windows RID hijacking to create hidden admin account

January 29, 2025 (updated June 29, 2025) Published by Kevin Harrys

Learn how hackers exploit Windows RID hijacking to create hidden admin accounts, posing serious security threats. Understand the dangers and take action to counter these stealth attacks effectively. Keep yourself informed and safeguard against potential intrusions.

Category: Vulnerabilities

Tags: counter hacking strategies, cybersecurity threat, hidden admin account, safeguarding measures, Windows RID hijacking

Ransomware gang uses SSH tunnels for stealthy VMware ESXi access

Ransomware gang uses SSH tunnels for stealthy VMware ESXi access

January 29, 2025 (updated June 29, 2025) Published by Kevin Harrys

Discover how cybercriminals leverage SSH tunnels to discreetly breach VMware ESXi servers. Experts raise alarms on growing covert access threats amid ransomware operations. Dive into the study shedding light on virtualization security risks.

Category: Vulnerabilities

Tags: Cybercriminals, SSH tunnels, Virtualization security, VMware ESXi

Fortinet Critical CVEs

Fortinet VPN Zero-Day Exploited in Malware Attacks Remains Unpatched

November 27, 2024 (updated June 29, 2025) Published by Kevin Harrys

Security experts express alarm as unpatched Fortinet VPN zero-day continues to fuel malicious attacks. Concerns grow over unresolved vulnerabilities posing a critical security threat. Hackers exploit flaws despite ongoing alerts to users, highlighting persistent risks in today’s cybersecurity landscape.

Category: Vulnerabilities

Tags: Fortinet

Fortinet Critical CVEs

CISA says critical Fortinet RCE flaw now exploited in attacks

October 16, 2024 (updated June 29, 2025) Published by Kevin Harrys

Stay alert! CISA raises alarm as Fortinet RCE flaw exploits surge. Take immediate action to protect your systems.

Category: Vulnerabilities

Tags: Fortinet RCE

Microsoft Windows ‘Critical Vulnerability’ Warning—You Have 72 Hours To Update Your PC

October 6, 2024 (updated June 29, 2025) Published by Kevin Harrys

Stay protected from the latest high-risk security flaw! Microsoft issues urgent warning for Microsoft Windows users, update your PC within 72 hours to secure it. Time is running out.

Category: Vulnerabilities

Tags: Microsoft Windows

RCE Flaw

CISA: Network switch RCE flaw impacts critical infrastructure

October 6, 2024 (updated June 29, 2025) Published by Kevin Harrys

Discover the latest CISA alert on a critical network RCE switch flaw impacting infrastructure security. Learn why immediate action is crucial. WisePlant’s cybersecurity experts emphasize the importance of patching affected devices to protect against potential cyber threats. Collaborative efforts are essential to safeguard national security.

Category: Vulnerabilities

Tags: RCE

Rellio UPS

Unpatched Vulnerabilities Expose Riello UPSs to Hacking: Security Firm

September 25, 2024 (updated June 29, 2025) Published by Marina Fuentes

Discover how WiseGroup’s Security Firm uncovered critical unpatched vulnerabilities in Riello UPSs, posing severe security risks.

Category: Vulnerabilities

Tags: Riello

CISA Warns

CISA warns of Windows flaw used in infostealer malware attacks

September 20, 2024 (updated June 29, 2025) Published by Kevin Harrys

CISA alerts of critical Windows flaw exploited in infostealer malware attacks, stressing urgent action. WisePlant is here to safeguard your systems.

Category: Vulnerabilities

Tags: CISA, Infostealer, Windows

FreeBSD Releases Urgent Patch for High-Severity OpenSSH Vulnerability

September 13, 2024 (updated June 29, 2025) Published by Kevin Harrys

FreeBSD takes swift action to address critical OpenSSH vulnerability, issuing urgent patch for heightened security.

Category: Vulnerabilities

Tags: FreeBSD, OpenSSH

0.0.0.0 Day: 18-Year-Old Browser Vulnerability Impacts MacOS and Linux Devices

September 13, 2024 (updated June 30, 2025) Published by Kevin Harrys

A recently discovered “0.0.0.0 Day” vulnerability that affects major web browsers like Chrome, Firefox, and Safari. This vulnerability could be exploited by malicious websites to gain unauthorized access to local networks on macOS and Linux devices.

Category: Vulnerabilities

Tags: Linux, macOS

VMware ESXi hypervisor vulnerability grants full admin privileges

August 12, 2024 (updated June 30, 2025) Published by Kevin Harrys

Security researchers at Microsoft have discovered a vulnerability in VMware ESXi hypervisors that has been exploited by ransomware operators to gain full administrative access to a domain-joined hypervisor.

Category: Vulnerabilities

Tags: VMware ESXi

ICS malware FrostyGoop takes advantage of Modbus weakness, remains a threat to OT worldwide.

August 1, 2024 (updated June 30, 2025) Published by Kevin Harrys

The malware leverages Modbus TCP communications to target operational technology assets — and can easily be repurposed to compromise other industrial controllers, putting widespread critical infrastructure at risk.

Category: Threats, Vulnerabilities

Tags: FrostyGoop, Modbus

PFFail

PKfail Secure Boot bypass lets attackers install UEFI malware

July 30, 2024 (updated June 30, 2025) Published by Kevin Harrys

PKfail, a supply-chain issue, has affected hundreds of UEFI products for over 12 years, leaving nearly 900 devices vulnerable to malware installation. Vendors and users must follow best practices, apply updates and patches, monitor, and protect devices, and replace test keys. Prompt firmware upgrades are advised, and leaked AMI PK devices should be disconnected from critical networks.

Category: Vulnerabilities

Tags: PKFail

CISA warns of actively exploited Juniper pre-auth RCE exploit chain

November 20, 2023 (updated June 30, 2025) Published by Kevin Harrys

In addition, CISA is working with Juniper Networks to develop a patch for the vulnerabilities associated with the exploit chain. CISA is also working with other vendors to ensure that their products are not vulnerable to the exploit chain.

Category: Vulnerabilities

Tags: Juniper

Codesys

Industrial PLCs worldwide impacted by CODESYS V3 RCE flaws

August 15, 2023 (updated October 14, 2025) Published by Robert Mannash

Industrial PLCs around the world are vulnerable to CODESYS V3 RCE flaws, potentially leading to serious security risks. Learn more about the potential impacts and how to protect your systems.

Category: Vulnerabilities

Tags: Codesys

Cisco Switch Vulnerabilities

Cisco warned customers of a high-severity cisco switch vulnerabilities.

July 18, 2023 (updated September 16, 2024) Published by Kevin Harrys

Cisco has recently warned customers of a high-severity vulnerability impacting some of its switch models. This vulnerability could allow attackers to tamper with encrypted traffic, potentially leading to data theft or other malicious activities. Cisco has released a security advisory to address the issue and is urging customers to update their systems as soon as possible.

Category: Vulnerabilities

Tags: Cisco

CISA Warns of Flaws in Siemens, GE Digital, and Contec Industrial Control Systems

CISA Warns of Flaws in Siemens, GE Digital, and Contec Industrial Control Systems

February 10, 2023 (updated September 16, 2024) Published by Kevin Harrys

CISA has issued a warning about critical vulnerabilities in Siemens, GE Digital, and Contec industrial control systems. These flaws could allow attackers to gain access to and manipulate the systems.

Category: Vulnerabilities

Tags: Contec, Energy, GE, Siemens

CISA Alert: Veeam Backup

CISA Alert: Veeam Backup and Replication Vulnerabilities Being Exploited in Attacks

January 15, 2023 (updated September 16, 2024) Published by Antonio Da Silva

CISA has issued an alert warning of active exploitation of vulnerabilities in Veeam Backup and Replication. Organizations should take steps to protect their systems from potential attacks.

Category: Vulnerabilities

Tags: Backups, Veeam

New attacks use Windows security bypass zero-day to drop Qbot malware

November 20, 2022 (updated September 16, 2024) Published by Kevin Harrys

New phishing attacks use a Windows zero-day vulnerability to drop the Qbot malware without displaying Mark of the Web security warnings.

Category: Threats, Vulnerabilities

Tags: Malware, Qbot, Windows

Posts pagination

Page 1 Page 2 Next page

Latest News

The Solution to Non-Tolerable Consequences of an Incident in OT December 1, 2025
WisePlant Group LLC & WiseCourses LLC Reaffirm Leadership in Industrial Cybersecurity During Awareness Month 2025 October 7, 2025
Erlang/OTP SSH Vulnerability: A Widespread Threat to OT Networks August 15, 2025
Cybersecurity Maintenance in Industrial Plants July 10, 2025
Supporting Safe & Secure Plant Operations July 4, 2025
Security Acceptance Testing in Industrial Environments July 4, 2025
Implementing Safety and Security Measures in Industrial Environments July 2, 2025
Designing Cybersecurity for Control Systems in Industrial Plants June 30, 2025
Cyber Risk Analysis in Industrial Plants June 29, 2025
Explosion aboard sewage boat kills one person in New York City May 30, 2025
Explosion at diesel processing facility injures worker in mexico facility May 23, 2025
Analyzing the Cybersecurity Risk Formula to Calculate Risk May 18, 2025
Chemical plant fire in Spain sends several towns into lockdown May 15, 2025
A practical approach to Process safety (PS) Courses: New training program at WiseCourses May 15, 2025
The Flixborough disaster May 13, 2025

Upcoming Events

Notice

There are no upcoming events.

Contact Us

Contact us
Technical Support
Certified Partners Program

Price Lists

WiseCourses Training
WisePlant Solutions
The Shop Store

Training & Certification

WiseCourses Campus
Industrial Cybersecurity
Knowledge & Experience

OTC News

The News That Matters
Oil & Gas industries
Electrical energy industries
Consequences within OT
Vulnerabilities within OT
Threats to OT Domain
OTC Newsletter

Company

About Us
Support Center
The Shop
Information Center
Web Security
Contact us

Resources

Lifecycle Safety & Security Services
Certified Partner Program
Training & Certification
Prices: Training Offering
Prices: Solutions & Services

Lastest News

The News That Matters
Oil & Gas News
Electric Energy News
New Consequences
New Vulnerabilities
New Threats

Follow Us

WisePlant Group LLC - A WiseGroup Company

All rights reserved | Copyright 2025 | Main address: 66 West Flagler Street Suite #900, Miami Dade, FL 33130, Florida, United States.

Insert/edit link

Enter the destination URL

URL

Link Text

Open link in a new tab

Or link to existing content

Search

No search term specified. Showing recent items. Search or use up and down arrow keys to select an item.